all things security
Showing 1 - 17 of 17 RSS Feed

Files Date: 2013-10-09

Mobius Forensic Toolkit 0.5.19
Posted Oct 9, 2013
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: The partition-agent extension automatically adds partitions to case when a data source is set. New registry report: "Shared Folders". Minor improvements have been made.
tags | tool, python, forensics
systems | unix
MD5 | c4364c33f602eab4e4b08ddde6bc8794
BoltWire 3.5 Cross Site Scripting
Posted Oct 9, 2013
Authored by Manuel Garcia Cardenas | Site isecauditors.com

BoltWire versions 3.5 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-2651
MD5 | 35e8dc586e2d3855a41950db9476c31b
Uebimiau 2.7.11 Cross Site Scripting / Open Redirection
Posted Oct 9, 2013
Authored by Manuel Garcia Cardenas | Site isecauditors.com

Uebimiau versions 2.7.11 and below suffer from open redirect and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-2621, CVE-2013-2622, CVE-2013-2623
MD5 | 959e7307fcf5b54b14d99f14f691f282
Feng Office 2.3.2-rc Cross Site Scripting
Posted Oct 9, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Feng Office version 2.3.2-rc suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-5744
MD5 | 3d958be2792c4e5f4b49fb0bdeea0e27
ALLPlayer 5.6.2 Buffer Overflow
Posted Oct 9, 2013
Authored by metacom

ALLPlayer version 5.6.2 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
MD5 | df94252ff6eaa2455b3fa12f6b48e548
Apache Sling 2.2.0 / 2.3.0 Denial Of Service
Posted Oct 9, 2013
Authored by Antonio Sanso | Site sling.apache.org

Apache Sling versions 2.2.0 and 2.3.0 suffer from infinite loop issues that can lead to denial of service.

tags | advisory, denial of service
advisories | CVE-2013-2254
MD5 | 6ee8165a3a1211e6c587f37d880a39b9
(sp)iPhone: Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers
Posted Oct 9, 2013
Authored by Patrick Traynor, Arunabh Verma, Henry Carter, Philip Marquardt

This whitepaper demonstrates that an application with access to accelerometer readings on a modern mobile phone can use such information to recover text entered on a nearby keyboard. Note that unlike previous emanation recovery papers, the accelerometers on such devices sample at near the Nyquist rate, making previous techniques unworkable. Their application instead detects and decodes keystrokes by measuring the relative physical position and distance between each vibration. The authors then match abstracted words against candidate dictionaries and record word recovery rates as high as 80%. In so doing, they demonstrate the potential to recover significant information from the vicinity of a mobile device without gaining access to resources generally considered to be the most likely sources of leakage (e.g., microphone, camera).

tags | paper
MD5 | cebf017b3e5474ca491741a390fa0c34
Cisco Security Advisory 20131009-fwsm
Posted Oct 9, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Firewall Services Module (FWSM) Software for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is affected by command authorization and denial of service vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

tags | advisory, denial of service, vulnerability
systems | cisco
MD5 | ad1b62820d088d146daeb1e953b2180f
Cisco Security Advisory 20131009-asa
Posted Oct 9, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Adaptive Security Appliance (ASA) Software is affected by multiple authentication bypass and denial of service vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds are available for some of the vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | cisco
MD5 | 2c53ff316646201e79ed129d80e790a6
HP Security Bulletin HPSBGN02930
Posted Oct 9, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02930 - Potential security vulnerabilities have been identified with HP Intelligent Management Center(iMC) and HP IMC Service Operation Management Software Module. The vulnerabilities could be remotely exploited resulting in authentication bypass, disclosure of information, unauthorized access, and SQL injection. Revision 1 of this advisory.

tags | advisory, vulnerability, sql injection
advisories | CVE-2013-4824, CVE-2013-4825, CVE-2013-4826, CVE-2013-4827
MD5 | 434ca003039cab8c11a752f31a1a5ec2
HP Security Bulletin HPSBGN02929
Posted Oct 9, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02929 - Potential security vulnerabilities have been identified with HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (BIMS). The vulnerabilities could be remotely exploited resulting in code execution and disclosure of information. Note: The vulnerability solutions have been implemented in the iMC BIMS software updates. In order to be interoperable with the iMC BIMS updated software, software updates are required for Comware Based Switches and Routers that use BIMS. The software update information for the Comware Based Switches and Routers is also included in the Resolution section below. Revision 1 of this advisory.

tags | advisory, vulnerability, code execution
advisories | CVE-2013-4822, CVE-2013-4823
MD5 | 54048ae0ba0483400ff52d9ad1b71c4f
Debian Security Advisory 2771-1
Posted Oct 9, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2771-1 - Hamid Zamani discovered multiple security problems (buffer overflows, format string vulnerabilities and missing input sanitising), which could lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2013-4256, CVE-2013-4257, CVE-2013-4258
MD5 | f5422d6e51df5b38eaaf01ac4f2969fb
Ubuntu Security Notice USN-1988-1
Posted Oct 9, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1988-1 - It was discovered that Cyrus SASL incorrectly handled certain invalid password salts. An attacker could use this issue to cause Cyrus SASL to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2013-4122
MD5 | 3fde95c44d690d846ce01387e1f5e2b6
Ubuntu Security Notice USN-1987-1
Posted Oct 9, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1987-1 - Daniel Kahn Gillmor discovered that GnuPG treated keys with empty usage flags as being valid for all usages. Taylor R Campbell discovered that GnuPG incorrectly handled certain OpenPGP messages. If a user or automated system were tricked into processing a specially-crafted message, GnuPG could consume resources, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2013-4351, CVE-2013-4402, CVE-2013-4351, CVE-2013-4402
MD5 | be1ee2ecac36819bb0ad05e9032f85ca
Debian Security Advisory 2770-1
Posted Oct 9, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2770-1 - John Fitzpatrick of MWR InfoSecurity discovered an authentication bypass vulnerability in torque, a PBS-derived batch processing queueing system.

tags | advisory, bypass
systems | linux, debian
advisories | CVE-2013-4319
MD5 | 3f8d5c1541f021886cc8db78ef3e856a
U3-Pwn Sandisk Executable Injection Tool 2.0
Posted Oct 9, 2013
Authored by Zy0d0x | Site nullsecurity.net

U3-Pwn is a tool designed to automate injecting executables to Sandisk smart usb devices with default U3 software install. This is performed by removing the original iso file from the device and creating a new iso with autorun features.

Changes: Various updates.
tags | tool
systems | unix
MD5 | ef1d6b0184d5824b43f3870530502d98
flv-player 3.5 Cross Site Scripting / Content Spoofing
Posted Oct 9, 2013
Authored by MustLive

flv-player versions 3.5 and below suffer from cross site scripting and content spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, xss
MD5 | 35bbb8533151cda26609dc65955f3a99
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close